One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1307669 |
| Date de publication | 2019-09-05 13:00:00 (vue: 2019-09-05 16:02:29) |
| Titre | Ransomware experiences and why IT security professionals have a lot on their minds |
| Texte |
Every year we survey visitors to our booth at Black Hat about trending topics. This year, we asked about ransomware and the ever-increasing complexity of our cybersecurity environment. The results are very interesting - things may be getting much better, or we may all be collectively in denial. Let's break it down.
We surveyed 145 IT security professionals. First, we wanted to check in with the industry on their experiences with ransomware. We started by asking how many have been the victim of a ransomware attack - it turns out nearly 17% had been. Sadly, this fairly large number didn't come as much of a surprise to us given the headlines we have seen in the media recently.
Of course, one of the most difficult decisions anyone will make in their IT security career is "should I pay to get my data back". If ransomware has caught you off guard, your job or even the future of your company may be at stake. While rewarding criminal behavior may be a bad idea, when the stakes are high it can be difficult to take the high road. However, almost 58% of our respondents say they would.
This led to another question. Should it be illegal to pay the ransom? After all, if we allow ransomware criminals to achieve their goal, how will we ever stop them, and how will we incentivize companies to properly prepare themselves to thwart them? People were split on this question, with about 40% saying it should be illegal, and 60% saying that it should not be. Given this result, we probably won't see the IT community lobbying for new legislation in this area.
The most surprising result came when we asked if IT security professionals were ready for a ransomware attack. In case you're new to security, the only chance you have to mitigate ransomware is to have a solid security program that closes down all the vectors you can with protection tools, and it is almost impossible for these controls to be 100% effective. The only way to recover from ransomware is to have complete backups of your systems, wipe them clean, and start over. Expert tip: make sure the backups aren't stored on your network where they can be encrypted with the rest of your data.
Surprisingly, a full 69% of our survey respondents claim that they are prepared for a ransomware attack. This is wonderful news. It's also pretty surprising, given everything we see in the press these days:
More than 40 municipalities have been the victims of cyberattacks this year (NY Times 8/22/19)
A total of 850.97 million ransomware infections were detected by the institute in 2018 (Ponemon Institute)
Ransomware attacks on businesses have increased in the first quarter of 2019, up 195% percent since the fourth quarter of 2018 (Malwarebytes)
Only time will tell if our respondents are as prepared as they feel. We hope everyone is double checking their backups in the meantime.
Switching gears, we also wanted to understand how security buyers are feeling about their security programs and their ever-increasing complexity. We're all aware of the constant innovation in security technology - every new IT innovation and new attack vector seems to bring another set of mandatory prevention controls. But the old controls (endpoint, for example) never seem to go away.
This proliferation of products came across clearly in our responses, with over 30% reporting they use at least 20 products. Industry |
| Envoyé | Oui |
| Condensat | 100 145 195 2018 2019 8/22/19 850 about achieve across actors after alike all allow almost also another anyone are area aren't asked asking at&t attack attacks aware away back backups bad been behavior believe best better black board booth break bring businesses but buyers came can career case caught challenge chance chances check checking claim clean clearly closes cloud collectively come community companies company complete complex complexity constant control controls cooperate course criminal criminals cyberattacks cybersecurity data days: decisions denial detect detected detection didn't difficult does doesn't double down effective encrypted endpoint enterprises environment even ever every everyone everything example experiences expert fairly feel feeling firewall first focus following fourth from full future gears get getting given goal guard had has hat have headlines high hope how however idea illegal impossible incentivize incomplete inconsistent increased increasing indicates industry infections innovation institute institute in integration interesting investment isn't it's job keeps know large lastly leader least led legislation let's light lining lobbying lot major make makes malwarebytes manage mandatory many maximize may meantime media million minds mitigate more most much municipalities must nation nearly network never new news next night not number off old one only organization out over overwhelmed particular pay people percent ponemon practices prepare prepared press pretty prevention probably product products professionals program programs proliferation properly protection providers quarter question ransom ransomware ready recently reconfigure recover regime reporting research respond respondents response responses rest result results rewarding road sadly say saying security see seem seems seen sense service set shines should siloed silver since solid solutions split stake stakes start started state step stop stopping stored sure surprise surprising surprisingly survey surveyed switching systems take technology tell than them themselves there's these things threat threats thwart time times tip: tools topics total trending turns under understand use utilize vector vectors vendors very victim victims visitors vulnerable wanted way we're what when where which why will wipe won't wonderful would year you're your |
| Tags | Ransomware Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.